Author Topic: Directly running a .zip, kinda  (Read 23938 times)

0 Members and 2 Guests are viewing this topic.

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: Directly running a .zip, kinda
« Reply #15 on: February 20, 2006, 08:11:41 pm »
Most likely, I turn them on personally. Mostly because to make "PHP" files I make textfiles then rename the extension. Otherwise I'd leave them off.

If that's the only reason you enable that feature, you're obviously not considering all of the other advantages it entails.

Offline ink

  • Newbie
  • *
  • Posts: 74
    • View Profile
Re: Directly running a .zip, kinda
« Reply #16 on: February 20, 2006, 08:15:36 pm »
Quote
If that's the only reason you enable that feature, you're obviously not considering all of the other advantages it entails.

Agreed. Lets say you want to send an EXE to a friend via e-mail, but your e-mail provider doesn't allow exe's to be sent, even if archieved. In which case you could rename your exe to a jpg and send it then he could rename it to exe.

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: Directly running a .zip, kinda
« Reply #17 on: February 20, 2006, 08:42:18 pm »
Most likely, I turn them on personally. Mostly because to make "PHP" files I make textfiles then rename the extension. Otherwise I'd leave them off.

If that's the only reason you enable that feature, you're obviously not considering all of the other advantages it entails.
Agreed.  From a security perspective, it's one of the dumbest decisions I've seen.  And that's saying a lot.  But making sure that people have NO idea what type of file they're running can cause nothing but bad things. 

I tell my family members, "don't open anything that ends with .exe, .pif, [etc]", and my grandpa's friend even has it on a sticky note on his monitor.  But when it's sitting on his desktop, he doesn't know what type of file it is.  And he doesn't know how to find out.  So especially for people like him, having extensions disabled is asinine. 

Offline Warrior

  • supreme mac daddy of trolls
  • Hero Member
  • *****
  • Posts: 7503
  • One for a Dime two for a Quarter!
    • View Profile
Re: Directly running a .zip, kinda
« Reply #18 on: February 20, 2006, 08:51:17 pm »
Sorry, I don't live under a rock in fear of every exploit out there. Funny how I've almost never been "exploited 0mgz". You guys have been using Linux too much, it's like vietnam vets. Jumpy as fuck.
One must ask oneself: "do I will trolling to become a universal law?" And then when one realizes "yes, I do will it to be such," one feels completely justified.
-- from Groundwork for the Metaphysics of Trolling

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: Directly running a .zip, kinda
« Reply #19 on: February 20, 2006, 09:04:07 pm »
Sorry, I don't live under a rock in fear of every exploit out there. Funny how I've almost never been "exploited 0mgz". You guys have been using Linux too much, it's like vietnam vets. Jumpy as fuck.

That's because you're computer literate; you understand that option exists and know how to change its value.  The people iago are discussing aren't computer literate; they're the masses.  This is one of the several reasons that Windows systems are so easy to infect from a global standing.  At least 60% (rough estimate) of the people who recieve a file aren't going to understand the chance that it isn't exactly what they think it is.  They open it and their system is suddenly infected.

Offline Warrior

  • supreme mac daddy of trolls
  • Hero Member
  • *****
  • Posts: 7503
  • One for a Dime two for a Quarter!
    • View Profile
Re: Directly running a .zip, kinda
« Reply #20 on: February 20, 2006, 09:08:33 pm »
Sorry, I don't live under a rock in fear of every exploit out there. Funny how I've almost never been "exploited 0mgz". You guys have been using Linux too much, it's like vietnam vets. Jumpy as fuck.

That's because you're computer literate; you understand that option exists and know how to change its value.  The people iago are discussing aren't computer literate; they're the masses.  This is one of the several reasons that Windows systems are so easy to infect from a global standing.  At least 60% (rough estimate) of the people who recieve a file aren't going to understand the chance that it isn't exactly what they think it is.  They open it and their system is suddenly infected.

Except...windows..isn't targeted. You infect a home user you get nothing, a few pictures, some music, a program or two. Aside from that, nothing.
One must ask oneself: "do I will trolling to become a universal law?" And then when one realizes "yes, I do will it to be such," one feels completely justified.
-- from Groundwork for the Metaphysics of Trolling

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: Directly running a .zip, kinda
« Reply #21 on: February 20, 2006, 09:36:47 pm »
Except...windows..isn't targeted. You infect a home user you get nothing, a few pictures, some music, a program or two. Aside from that, nothing.

And that makes it okay for Windows to allow security flaws in their OS?

Offline Warrior

  • supreme mac daddy of trolls
  • Hero Member
  • *****
  • Posts: 7503
  • One for a Dime two for a Quarter!
    • View Profile
Re: Directly running a .zip, kinda
« Reply #22 on: February 20, 2006, 09:40:05 pm »
How exactly is this a flaw? I'd call it a neat trick.
One must ask oneself: "do I will trolling to become a universal law?" And then when one realizes "yes, I do will it to be such," one feels completely justified.
-- from Groundwork for the Metaphysics of Trolling

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: Directly running a .zip, kinda
« Reply #23 on: February 20, 2006, 09:56:20 pm »
How exactly is this a flaw? I'd call it a neat trick.

You think this is the only security hole Microsoft has left in Windows?  Ha!

Offline Warrior

  • supreme mac daddy of trolls
  • Hero Member
  • *****
  • Posts: 7503
  • One for a Dime two for a Quarter!
    • View Profile
Re: Directly running a .zip, kinda
« Reply #24 on: February 20, 2006, 10:03:29 pm »
I'm not talking about the rest, this is a topic on this specific one so it'd make sense that I'm talking about this one..
One must ask oneself: "do I will trolling to become a universal law?" And then when one realizes "yes, I do will it to be such," one feels completely justified.
-- from Groundwork for the Metaphysics of Trolling

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: Directly running a .zip, kinda
« Reply #25 on: February 20, 2006, 10:11:32 pm »
I'm not talking about the rest, this is a topic on this specific one so it'd make sense that I'm talking about this one..

Nice way to dodge the argument, Warrior.  Here you are saying that Windows has "revolutionary" security features, yet you fail to defend it when issues like these arrise.

I think it's a flaw because it allows people to exploit people's ignorance.  If it was disabled by default, it would be a more difficult task.

Offline Warrior

  • supreme mac daddy of trolls
  • Hero Member
  • *****
  • Posts: 7503
  • One for a Dime two for a Quarter!
    • View Profile
Re: Directly running a .zip, kinda
« Reply #26 on: February 20, 2006, 10:27:28 pm »
I'm not talking about the rest, this is a topic on this specific one so it'd make sense that I'm talking about this one..

Nice way to dodge the argument, Warrior.  Here you are saying that Windows has "revolutionary" security features, yet you fail to defend it when issues like these arrise.

I have no idea what the hell you mean, if you want me to address the argument (As irrelevant as it is) I will. While we're at it let's talk about how MacOSX has a shiny bar since we're in the mood to discuss things offtopic!

Windows Vista has improved security, things like this wouldn't happen since now the shell features more information than before per file so simple exploits like this are irrelevant. Now others exploits most of them are either fixed each month or completely squashed with Vista's new permission system.
One must ask oneself: "do I will trolling to become a universal law?" And then when one realizes "yes, I do will it to be such," one feels completely justified.
-- from Groundwork for the Metaphysics of Trolling

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: Directly running a .zip, kinda
« Reply #27 on: February 20, 2006, 10:43:20 pm »
I have no idea what the hell you mean, if you want me to address the argument (As irrelevant as it is) I will. While we're at it let's talk about how MacOSX has a shiny bar since we're in the mood to discuss things offtopic!

Windows Vista has improved security, things like this wouldn't happen since now the shell features more information than before per file so simple exploits like this are irrelevant. Now others exploits most of them are either fixed each month or completely squashed with Vista's new permission system.

I was under the impression that Vista was still going to use NTFS?  Sorry if I'm incorrect.

Concurrently, I'd like to point out I'm talking about Windows XP, not Vista.

Offline ink

  • Newbie
  • *
  • Posts: 74
    • View Profile
Re: Directly running a .zip, kinda
« Reply #28 on: February 20, 2006, 10:46:34 pm »
Windows IS most definately the target of many hackers. to say otherwise would be rediculous

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: Directly running a .zip, kinda
« Reply #29 on: February 20, 2006, 10:46:56 pm »
Windows IS most definately the target of many hackers. to say otherwise would be rediculous

YA RLY.